CVSS: 5.6EPSS: 8%CPEs: 20EXPL: 1CVE-2022-21877 – Storage Spaces Controller Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2022-21877
11 Jan 2022 — Storage Spaces Controller Information Disclosure Vulnerability Una vulnerabilidad de Divulgación de Información de Storage Spaces Controller This vulnerability allows local attackers to disclose sensitive information on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the spaceport.sys driver. • https://github.com/Big5-sec/cve-2022-21877 • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 18%CPEs: 20EXPL: 1CVE-2021-43226 – Windows Common Log File System Driver Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2021-43226
15 Dec 2021 — Windows Common Log File System Driver Elevation of Privilege Vulnerability Una vulnerabilidad de Elevación de Privilegios de Windows Common Log File System Driver. • https://github.com/Rosayxy/cve-2021-43226PoC •
CVSS: 5.5EPSS: 15%CPEs: 20EXPL: 1CVE-2021-43224 – Windows Common Log File System Driver Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2021-43224
15 Dec 2021 — Windows Common Log File System Driver Information Disclosure Vulnerability Una vulnerabilidad de Divulgación de Información de Windows Common Log File System Driver • https://github.com/KaLendsi/CVE-2021-43224-POC •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 2CVE-2021-41285
https://notcve.org/view.php?id=CVE-2021-41285
04 Oct 2021 — Ballistix MOD Utility through 2.0.2.5 is vulnerable to privilege escalation in the MODAPI.sys driver component. • https://github.com/VoidSec/Exploit-Development/blob/master/windows/x64/kernel/crucial_Ballistix_MOD_Utility_v.2.0.2.5/crucial_Ballistix_MOD_Utility_v.2.0.2.5_memory_dump_PoC.cpp •
CVSS: 7.8EPSS: 19%CPEs: 19EXPL: 1CVE-2021-36955 – Microsoft Windows Common Log File System (CLFS) Driver Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2021-36955
15 Sep 2021 — Windows Common Log File System Driver Elevation of Privilege Vulnerability Una Vulnerabilidad de Elevación de Privilegios de Windows Common Log File System Driver. Este CVE ID es diferente de CVE-2021-36963, CVE-2021-38633 Microsoft Windows Common Log File System (CLFS) driver contains an unspecified vulnerability that allows for privilege escalation. • https://github.com/JiaJinRong12138/CVE-2021-36955-EXP •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 3CVE-2021-32537 – Realtek High definition audio Windows driver crashed
https://notcve.org/view.php?id=CVE-2021-32537
07 Jul 2021 — Realtek HAD contains a driver crashed vulnerability which allows local side attackers to send a special string to the kernel driver in a user’s mode. Due to unexpected commands, the kernel driver will cause the system crashed. • https://packetstorm.news/files/id/163498 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 5.5EPSS: 0%CPEs: 15EXPL: 1CVE-2021-31970 – Windows TCP/IP Driver Security Feature Bypass Vulnerability
https://notcve.org/view.php?id=CVE-2021-31970
08 Jun 2021 — Windows TCP/IP Driver Security Feature Bypass Vulnerability Una vulnerabilidad de Omisión de la Característica de Seguridad en Windows TCP/IP Driver The Windows Filtering Platform does not verify the token impersonation level when checking filters allowing the bypass of firewall rules leading to elevation of privilege. • http://packetstormsecurity.com/files/163256/Microsoft-Windows-Filtering-Platform-Token-Access-Check-Privilege-Escalation.html • CWE-639: Authorization Bypass Through User-Controlled Key •
CVSS: 4.4EPSS: 0%CPEs: 17EXPL: 1CVE-2021-28447 – Windows Early Launch Antimalware Driver Security Feature Bypass Vulnerability
https://notcve.org/view.php?id=CVE-2021-28447
13 Apr 2021 — Windows Early Launch Antimalware Driver Security Feature Bypass Vulnerability Una vulnerabilidad de Omisión de la Característica de Seguridad de Early Launch Antimalware Driver de Windows. • https://bi-zone.medium.com/measured-boot-and-malware-signatures-exploring-two-vulnerabilities-found-in-the-windows-loader-5a4fcc3c4b66 •
CVSS: 4.4EPSS: 0%CPEs: 16EXPL: 1CVE-2021-27094 – Windows Early Launch Antimalware Driver Security Feature Bypass Vulnerability
https://notcve.org/view.php?id=CVE-2021-27094
13 Apr 2021 — Windows Early Launch Antimalware Driver Security Feature Bypass Vulnerability Una vulnerabilidad de Omisión de la Característica de Seguridad en Windows Early Launch Antimalware Driver. • https://bi-zone.medium.com/measured-boot-and-malware-signatures-exploring-two-vulnerabilities-found-in-the-windows-loader-5a4fcc3c4b66 •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 2CVE-2021-28927
https://notcve.org/view.php?id=CVE-2021-28927
07 Apr 2021 — The text-to-speech engine in libretro RetroArch for Windows 1.9.0 passes unsanitized input to PowerShell through platform_win32.c via the accessibility_speak_windows function, which allows attackers who have write access on filesystems that are used by RetroArch to execute code via command injection using specially a crafted file and directory names. El motor de text-to-speech en libretro RetroArch para Windows versión 1.9.0 pasa la entrada no saneada a PowerShell mediante el archivo platform_... • https://github.com/libretro/RetroArch/blob/d3dc3ee989ec6a4903c689907ffc47027f71f776/frontend/drivers/platform_win32.c • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •